I don't think file locks are typically an issue. We open a handle with read perms as root, so we can typically get the data. You can ping
#C4ZR3CLLT for more questions, but we've had pretty good uses with it 🙂 There's a really good issue with instructions on how to setup ones own TLS endpoint for it here:
https://github.com/mwielgoszewski/doorman/issues/120